The Report shows “No issues to display”, however I am explicitly using noncompliant code that should conflict with our rules. For example, using “=+” instead of “+=” is noncompliant, but does not show up in the report.
I can see that you use a custom QP for Java, are you sure the rule you mention is part of this profile ? Could you update the binding from the settings and retry ?
As the label at the top of your screenshot suggests, this panel is used to configure rules for standalone mode, ie when you are not connected to SQ. When you are connected, the active rules come from the quality profile of the server project.
Could you double check if the java:S2757 rule is activated in the QP ? It looks like it’s not part of it, and it would explain why you don’t get issues for this rule
In the screenshot the name of the Quality Profile associated to the project is QA Automation Java Profile while it was omitted SecDevOps Default in the logs. Do those 2 QPs exist ? Did you try the ‘Update binding’ button for your connection in the Settings > SonarLint window ? Maybe try to recreate the connection ?
As I said earlier, you use outdated versions (notably on the server side) and maybe a bug has been fixed since. It will be hard for me to help you further.
I think you uncovered the underlying issue here (that perhaps warrants a separate post), but it does appear to be working now.
As for what I did, I updated the QP to “QA Automation Java Profile”, but by navigating to the QP itself, and adding the project there (rather from within the project settings). Basically, I went to Quality Profiles > QA Automation Java Profile > Change Projects > Added uidash-webtrade.
The strange issue you described is exactly what we are seeing, but don’t understand why. The project was showing “QA Automation Java Profile” as the associated QP, however, when we navigate to the configuration page for the QP (as described above in the previous paragraph), the project was not listed there as one of the associated projects. In a desperate attempt to fix the linter, I went ahead and manually associated the project.
Unfortunately, I do believe going forward the desire is to use omitted SecDevOps Default and notQA Automation Java Profile. But at least for now, we have more insight into why the linter was not working.
There is maybe a bug in the Quality Profile management on the server, that has maybe been fixed in more recent versions, hence the importance to migrate regularly, at least from LTS to LTS.
